9c8137a56a
Update File_and_Directory_Discovery.md
...
Adding more commands taken from Waterbug/Turla
2018-01-11 17:12:09 +07:00
dcccde9adc
Merge pull request #57 from redcanaryco/Haag
...
Mac - Discovery Techniques
2018-01-09 15:11:42 -07:00
29cf36761a
Mac Discovery
...
Added many techniques to Discovery for Mac
2018-01-09 14:53:47 -07:00
533e27193f
Update chain_reaction_Fission.bat
2018-01-09 10:52:57 -07:00
72a010b9b1
Merge pull request #56 from redcanaryco/Haag
...
Mac - Credential Access
2018-01-09 10:07:55 -07:00
c4bbef438a
Mac Credential Access
...
Added two Credential Access
2018-01-09 10:01:11 -07:00
f4fe0d67d6
Merge pull request #53 from infosecn1nja/patch-1
...
Persistence .bashrc / .bash_profile
2018-01-09 09:26:41 -07:00
ee4d1f9e22
Merge pull request #54 from redcanaryco/Haag
...
Mac Persistence
2018-01-09 09:26:15 -07:00
3c84c659f5
Mac Persistence
...
Added many mac persistence items and updated readme
2018-01-09 09:07:41 -07:00
4480d4d11d
Cron Job name fix
...
Removed incorrect name and made it proper.
2018-01-09 07:08:46 -07:00
8f10054683
Update Mac ReadMe
...
Added all the missing pieces to the puzzle
2018-01-09 07:03:47 -07:00
a54ad3e2a8
Merge pull request #51 from redcanaryco/Haag
...
Mac Additions
2018-01-08 14:58:21 -07:00
c9d674bf80
Merge pull request #49 from JimmyAstle/Discover/Files_folders_Linux
...
Discover/files_folders_Linux
2018-01-08 14:55:40 -07:00
b56282c007
Merge pull request #52 from JimmyAstle/Discovery/System_Information_Discovery
...
Adding in some Linux System OS discovery one liners
2018-01-08 14:54:39 -07:00
4842ffb05d
Persistence .bashrc / .bash_profile
2018-01-07 05:55:19 +07:00
42d3c51ed9
Fix Mac Grid
...
* Updated Mac grid to add “.md” on Indicator_Removal_On_Host to resolve
404.
2018-01-03 23:11:30 -05:00
0df10d39cb
Merge remote-tracking branch 'redcanaryco/master'
2018-01-03 23:07:54 -05:00
f5c1d7af56
Adding in some Linux System OS discovery one liners
2018-01-03 17:34:12 -05:00
6160fd756e
Readme
...
Boring readme update
2018-01-03 09:07:53 -07:00
0b6275cf50
Mac Additions
...
+ Account Discovery
+ File and Directory Discovery
2018-01-03 09:05:14 -07:00
d0d71177e1
Merge branch 'master' into Discover/Files_folders_Linux
2018-01-03 10:34:10 -05:00
9a4b06e89d
Merge pull request #50 from JimmyAstle/Defense_Evasion/Clear_history
...
Defense evasion/clear_history
2018-01-03 07:30:49 -07:00
a8ae18ca0b
Merge pull request #48 from JimmyAstle/Discovery/Account_Linux
...
Discovery/account_Linux
2018-01-03 07:30:10 -07:00
e36a8e3377
Removing the groups command as that should live in a seperate spot
2018-01-02 17:20:28 -05:00
7f78ad5ace
Adding in missing table link for Account Discovery
2018-01-02 17:16:27 -05:00
976b27a683
Merge branch 'master' into Haag
2018-01-02 14:54:44 -07:00
6dea66bdec
Defense Evastion
...
+ Added method to stop event logs
2018-01-02 14:54:21 -07:00
219534d464
Updating Table to link to file and folder discovery
2018-01-02 16:11:04 -05:00
919993d886
Couple of fun searching techniques
2018-01-02 16:07:07 -05:00
e7d731615e
Adding in a few more account discovery techniques
2018-01-02 16:03:14 -05:00
22d7cdcec8
Echo white space into bach history
2018-01-02 15:45:53 -05:00
7dd644c77b
Adding in dev/null bash history symlink
2018-01-02 15:36:15 -05:00
68e5c6c5ab
Merge pull request #47 from atmathis
...
Add/Change Mac Techniques
Cleanup AllTheThings Payload
2018-01-02 07:55:00 -07:00
1cb5f30dc0
Update Input_Prompt.md
2018-01-02 07:52:43 -07:00
3ef9e7a62c
Mac Defense Evasion/Launchctl
...
* Added Mac Defense Evasion/Launchctl and updated Matrix
2018-01-01 17:18:54 -05:00
5802bb2df8
Mac Indicator Removal on Host
...
* Added Mac Defense Evasion / Indicator Removal on Host and updated
Matrix
2018-01-01 17:07:42 -05:00
a9b36650cd
Mac Hidden Users
...
* Added Defense Evasion/Hidden Users and updated Matrix
2018-01-01 16:38:43 -05:00
9b9bd358ed
Update HISTCONTROL
...
* Added route to setting permanently in .bash_profile
2018-01-01 16:17:10 -05:00
0ddc31b336
Mac/Linux HISTCONTROL
...
* Added HISTCONTROL for Mac and Linux, and updated Matrices
* Corrected Gatekeeper Bypass title
2018-01-01 16:02:52 -05:00
232d5eea29
Add Mac Defense Evasion/Disabling Security Tools
...
* Added Disabling_Security_Tools under Mac Defense Evasion and added to
Matrix
* Added existing GateKeeper Bypass page to Matrix
2018-01-01 15:10:44 -05:00
cac4566d2c
Revert "Revert "Linux/Mac Command Clear""
...
This reverts commit 6439416b26
2018-01-01 14:30:45 -05:00
6439416b26
Revert "Linux/Mac Command Clear"
...
This reverts commit a0c6b2953c
2018-01-01 14:29:48 -05:00
a0c6b2953c
Linux/Mac Command Clear
...
* Updated title on Clear Command History
* Replicated Clear Command History from Mac to Linux
* Added links to both matrices
2018-01-01 14:27:09 -05:00
dce29fd24d
Add/Change Mac and All the Things cleanup
...
Created Mac/Credential_Access/Input_Prompt
Added AppleScript password prompt to Credential Access/Input Prompt
Cleanup Mac/Execution/AppleScript
Updated Mac Grid
Updated formatting on AllTheThings test.bat
2017-12-29 12:12:54 -05:00
568edb7654
Merge pull request #46 from redcanaryco/Protoss-Dev
...
Update All The Things
2017-12-20 15:39:52 -07:00
d266915612
Update All The Things
2017-12-20 15:39:07 -07:00
54181ad230
Merge pull request #45 from redcanaryco/persistence
...
Persistence & Updates
2017-12-13 15:20:34 -07:00
33d6b91220
Windows ReadMe
...
Fixed link
2017-12-13 10:26:48 -08:00
aee2840fd5
New Persistence
...
+ Office Application Startup
-- Added DDEAUTO and Dragon's Tail link
+ Registry Run Keys and Start Folder
-- Added a couple of items to make this interesting.
+Updated Windows Readme
2017-12-12 15:35:09 -08:00
a53d8d91cd
Merge pull request #44 from redcanaryco/Protoss-Dev
...
Fix Typo
2017-12-07 08:24:18 -08:00
rahmatnurfauzi